I am trying to understand the behaviour of Authentication Handler and Login module and when do we need to write a custom one. I think I understood the need to write a custom Authentication Handler i.e. when we need to extract the login credentials in a way which is not provided OOTB, a custom authentication handler is needed. For example, SAML 2 authentication handler, SSO handler is a custom implementation. But I am failed to understand when do we need to write a custom login module and how both, an Authentication handler and a login module are related and how they communicate with each other?